[Samba] Samba machine's account migration
Hello, I moved my samba to another server, but my windows computer can't login. I tested this: put win computer out of domain, and re-add it. But i loose my personal application changes. How can i allow windows computers to login to my samba domain ? Should i create machines' account with the same linux ID ? Really thanks for help, Regards. Mél. _ Inédit ! Des Emoticônes Déjantées! Installez les dans votre Messenger ! http://www.ilovemessenger.fr/Emoticones/EmoticonesDejantees.aspx-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] question add user script
murrah boswell wrote: Hello all, I have never had the need to use the add user script functionality but now I do. However, it does not seem to be working. My smb.conf entry is like so: add user script = /remote/configure_scripts/addusers.sh where addusers.sh is a bash script that reads in a text file of usernames, groups, and passwords and adds the users to /etc/passwd, /etc/group/ and /etc/samba/smbpasswd. The addusers.sh works fine from the command line but samba doesn't appear to call it. I see that checks for add user script and add machine script are in the source code, so did I miss an option when I compiled samba or what else is it that I am missing to get the script to trigger? Also while I am on the subject of the add user script, would it be possible to pass the username and password from samba to a shell script? In other words, could I have something like add user script = /remote/configure_scripts/addusers.sh %u %p where %p is whatever samba holds the password variable in? But first things first, how can I get the add user script functionality to work? Thanks, Murrah Boswell The add user script I use is /usr/sbin/useradd -g users %u. The script should only add one user at a time as far as I know. Here is what the SWAT documentation has to say about it: add user script (G) This is the full pathname to a script that will be run /AS ROOT/ by smbd(8) http://whenim64:901/swat/help/manpages/smbd.8.html under special circumstances described below. Normally, a Samba server requires that UNIX users are created for all users accessing files on this server. For sites that use Windows NT account databases as their primary user database creating these users and keeping the user list in sync with the Windows NT PDC is an onerous task. This option allows smbd to create the required UNIX users /ON DEMAND/ when a user accesses the Samba server. In order to use this option, smbd(8) http://whenim64:901/swat/help/manpages/smbd.8.html must /NOT/ be set to security = share http://whenim64:901/swat/help/manpages/smb.conf.5.html#SECURITY and add user script http://whenim64:901/swat/help/manpages/smb.conf.5.html#ADDUSERSCRIPT must be set to a full pathname for a script that will create a UNIX user given one argument of /|%u|/, which expands into the UNIX user name to create. When the Windows user attempts to access the Samba server, at login (session setup in the SMB protocol) time, smbd(8) http://whenim64:901/swat/help/manpages/smbd.8.html contacts the password server http://whenim64:901/swat/help/manpages/smb.conf.5.html#PASSWORDSERVER and attempts to authenticate the given user with the given password. If the authentication succeeds then |smbd| attempts to find a UNIX user in the UNIX password database to map the Windows user into. If this lookup fails, and add user script http://whenim64:901/swat/help/manpages/smb.conf.5.html#ADDUSERSCRIPT is set then |smbd| will call the specified script /AS ROOT/, expanding any /|%u|/ argument to be the user name to create. If this script successfully creates the user then |smbd| will continue on as though the UNIX user already existed. In this way, UNIX users are dynamically created to match existing Windows NT accounts. See also security http://whenim64:901/swat/help/manpages/smb.conf.5.html#SECURITY, password server http://whenim64:901/swat/help/manpages/smb.conf.5.html#PASSWORDSERVER, delete user script http://whenim64:901/swat/help/manpages/smb.conf.5.html#DELETEUSERSCRIPT. Default: //|add user script|/ = || / Example: //|add user script|/ = |/usr/local/samba/bin/add_user %u|/ Note that the script is not intended to add multiple users nor set their passwords. It is supposed to add a single Unix user only. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba machine's account migration
Maxime V wrote: Hello, I moved my samba to another server, but my windows computer can't login. I tested this: put win computer out of domain, and re-add it. But i loose my personal application changes. How can i allow windows computers to login to my samba domain ? Should i create machines' account with the same linux ID ? Really thanks for help, Regards. Mél. I don't know if this helps or not but what I do is log into the Windows machine with a local administrator account then use the Windows Network Id dialogue to add the machine to the domain. Right-click on My Computer, select properties then on the Computer Name tab click on Network Id. Note that you need a working add machine script in your smb.conf. Debian uses /usr/sbin/useradd -g machines -c Machine -d /dev/null -s /bin/false %u. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] net vampire and WIn2003 AD
Hello Samba People, it is my first letter to Samba ML, so first of all - thanks Samba team for a great SW. Now the question: I want to migrate from Win2003 AD to Samba 3.3.2. I want to use net vampire feature to import all account information (is there any other way to do it?). Net vampire works partly - in the direct meaning of this word - it is importing only 131 objects. How come? Full story: Samba is configured with OpenLdap and smbldap-tools. They are working. Then I launch: net rpc vampire ldif connection parameters to win server it instantly gives me: Fetching (to ldif) DOMAIN database Failed to fetch DOMAIN database: NT_STATUS_SYNCHRONIZATION_REQUIRED nothing is vampired. if I run command without ldif, it imports 131 objects and then gives me the same: . 131 time Creating account: lalalala Failed to fetch DOMAIN database: NT_STATUS_SYNCHRONIZATION_REQUIRED Windows server gives me two event messages after that: Event ID: 5713: The full synchronization request from the server SERVER completed successfully. 131 object(s) has(have) been returned to the caller. And the other Warning: Event ID 5714 The full synchronization request from the server SERVER failed with the following error: This replicant database is outdated; synchronization is required. If I check LDAP database - it is filled with imported data. The only thing I miss is LM password, but this is not a problem, since I can reset passwords. What is interesting - I thought there is some objects with national characters and I tried to deleted some unused objects from AD. I did this kind of cleaning several times and every time I do vampire i have imported 131 objects (atleast windows say that, I did not count). After each cleaning vampire fails on the different object, but on 131st. I tried sorting AD objects by modification date, but this did not give me a clue about why import stops after 131 objects. I can provide full info of my samba setup, but I guess my setup is ok, since some objects are imported. (where some things net rpc vampire command said to me,like: smb_set_primary_group: gave 1, but I don't think this is a problem, because import doesn't stop on this mesages. There is a porblem, why vampire imports just part of the accounts. Why net rpc vampire ldif give error instantly and doesn't import anything, but net rpc vampire (without keyword ldif0 starts working? thanks for your time Liutauras -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] question add user script
murrah boswell wrote: The add user script I use is /usr/sbin/useradd -g users %u. The script should only add one user at a time as far as I know. Here is what the SWAT documentation has to say about it: add user script (G) This is the full pathname to a script that will be run /AS ROOT/ by smbd(8) http://whenim64:901/swat/help/manpages/smbd.8.html under special circumstances described below. Normally, a Samba server requires that UNIX users are created for all users accessing files on this server. For sites that use Windows NT account databases as their primary user database creating these users and keeping the user list in sync with the Windows NT PDC is an onerous task. This option allows smbd to create the required UNIX users /ON DEMAND/ when a user accesses the Samba server. I guess I completely misunderstood the functionality of the add user script option. Teach me to RTFM. When the Windows user attempts to access the Samba server, at login (session setup in the SMB protocol) time, smbd(8) http://whenim64:901/swat/help/manpages/smbd.8.html contacts the password server http://whenim64:901/swat/help/manpages/smb.conf.5.html#PASSWORDSERVER and attempts to authenticate the given user with the given password. If the authentication succeeds then |smbd| attempts to find a UNIX user in the UNIX password database to map the Windows user into. If I see here, and in the smb.conf man pages now, that I need to setup a password server for this to work. But I believe there are other issues I need to resolve for my project. My objective is to have a LTSP (Linux Terminal Server Project utilizing https://fedorahosted.org/k12linux/wiki/LiveServer) server/client environment in a school system where students can boot off of a USB stick or CD from any workstation or laptop and access group specific samba shares in the environment. Ideally they would be able to access the shares from the on-site school environment and from home (or off-site). I still have tons of homework to do on this project, but I do thank you for pointing me to clarification on the add user script option. One of my thoughts here is to allow a user on an unknown machine to request that their machine be allowed to create a trusted machine account after their username/password has been authenticated and they respond to an email sent to their email address on record. Does this make sense or am I adding too much complexity to the project? The way Windows operates is that machine accounts need a user with Domain Administration privileges to add the machine. This could be done by the user requesting access somehow and then using the e-mail reply to trigger a script running on a Domain Controller to add the machine account. However, the user can't log in with their domain account until the machine they are on is added to the domain. This makes your idea difficult to implement. Possibly setting up a web interface on a Domain Controller, letting the user authenticate to it (against the samba passwords) and having that send the e-mails for them to reply to. It sound like it may be doable but it will be complicated. Regards, Murrah Boswell this lookup fails, and add user script http://whenim64:901/swat/help/manpages/smb.conf.5.html#ADDUSERSCRIPT is set then |smbd| will call the specified script /AS ROOT/, expanding any /|%u|/ argument to be the user name to create. If this script successfully creates the user then |smbd| will continue on as though the UNIX user already existed. In this way, UNIX users are dynamically created to match existing Windows NT accounts. See also security http://whenim64:901/swat/help/manpages/smb.conf.5.html#SECURITY, password server http://whenim64:901/swat/help/manpages/smb.conf.5.html#PASSWORDSERVER, delete user script http://whenim64:901/swat/help/manpages/smb.conf.5.html#DELETEUSERSCRIPT. Default: //|add user script|/ = || / Example: //|add user script|/ = |/usr/local/samba/bin/add_user %u|/ Note that the script is not intended to add multiple users nor set their passwords. It is supposed to add a single Unix user only. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] group mapping question
Miguel Medalha wrote: net groupmap add ntgroup=Domain Admins unixgroup=domadm rid=512 type=d Question 1: if my previous /etc/group names already match the ntgroup names, do I still need to run the above command? Yes. Okay, Now I am really confused. I have three users in my PDC that exist no where else. In /etc/groups they are assigned to users (100). My smb.conf restricts users to group users. These three users are able to use my shares. Why does this work? I thought net groupmap add was only to be used when named differed? What am I missing? -T -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] current master browser UNKNOWN
Hi all. I have a problem. I'm trying to let samba run as WINS server and as domain master. But if I run nmbd in debug mode it says: dump workgroup on subnet UNICAST_SUBNET: netmask= 10.8.0.1: FREAKYYDE(1) current master browser = UNKNOWN MASTER 40899a03 (master server) the servers hostname is master. i've tried to explicitly set it in the config but it doesnt help. Can anybody help me? :) Thank you! :) Uwe Pfeifer -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] current master browser UNKNOWN
Hmm, over that it says: dump workgroup on subnet10.8.0.1: netmask= 255.255.255.0: FREAKYYDE(1) current master browser = MASTER MASTER 408c9a03 (master server) so it seems ok but I still can't see the server on the network. I also don't see any error message. Here is some part what I get when running nmbd -i -S -d 10: Sending a packet of len 207 to (10.8.0.255) on port 138 announce_myself_to_domain_master_browser: I am a local master browser for workgroup FREAKYYDE on subnet 10.8.0.1 find_name_on_subnet: on subnet REMOTE_BROADCAST_SUBNET - name FREAKYYDE1b NOT FOUND find_name_on_subnet: on subnet UNICAST_SUBNET - found name FREAKYYDE1b source=2 find_workgroup_on_subnet: workgroup search for FREAKYYDE on subnet UNICAST_SUBNET: found. announce_local_master_browser_to_domain_master_browser: We are both a domain and a local master browser for workgroup FREAKYYDE. Do not announce to ourselves. sync_with_dmb: Initiating sync with domain master browser MASTER20 at IP 10.8.0.1 for workgroup FREAKYYDE dump_workgroups() dump workgroup on subnet10.8.0.1: netmask= 255.255.255.0: FREAKYYDE(1) current master browser = MASTER MASTER 408c9a03 (master server) dump_workgroups() dump workgroup on subnet UNICAST_SUBNET: netmask= 10.8.0.1: FREAKYYDE(1) current master browser = UNKNOWN MASTER 40899a03 (master server) find_workgroup_on_subnet: workgroup search for FREAKYYDE on subnet 10.8.0.1: found. find_workgroup_on_subnet: workgroup search for FREAKYYDE on subnet 10.8.0.1: found. find_workgroup_on_subnet: workgroup search for FREAKYYDE on subnet UNICAST_SUBNET: found. is_myname(MASTER) returns 1 is_myname(MASTER) returns 1 write_browse_list: Wrote browse list into file /var/cache/samba/browse.dat find_workgroup_on_subnet: workgroup search for FREAKYYDE on subnet UNICAST_SUBNET: found. find_workgroup_on_subnet: workgroup search for FREAKYYDE on subnet UNICAST_SUBNET: found. find_workgroup_on_subnet: workgroup search for FREAKYYDE on subnet 10.8.0.1: found. announce_myself_to_domain_master_browser: t (1241916559) - last(1241916549) 900 dump_workgroups() dump workgroup on subnet10.8.0.1: netmask= 255.255.255.0: FREAKYYDE(1) current master browser = MASTER MASTER 408c9a03 (master server) dump_workgroups() dump workgroup on subnet UNICAST_SUBNET: netmask= 10.8.0.1: FREAKYYDE(1) current master browser = UNKNOWN MASTER 40899a03 (master server) find_workgroup_on_subnet: workgroup search for FREAKYYDE on subnet UNICAST_SUBNET: found. find_workgroup_on_subnet: workgroup search for FREAKYYDE on subnet UNICAST_SUBNET: found. find_workgroup_on_subnet: workgroup search for FREAKYYDE on subnet 10.8.0.1: found. announce_myself_to_domain_master_browser: t (1241916569) - last(1241916549) 900 dump_workgroups() dump workgroup on subnet10.8.0.1: netmask= 255.255.255.0: FREAKYYDE(1) current master browser = MASTER MASTER 408c9a03 (master server) dump_workgroups() dump workgroup on subnet UNICAST_SUBNET: netmask= 10.8.0.1: FREAKYYDE(1) current master browser = UNKNOWN MASTER 40899a03 (master server) find_workgroup_on_subnet: workgroup search for FREAKYYDE on subnet UNICAST_SUBNET: found. find_workgroup_on_subnet: workgroup search for FREAKYYDE on subnet UNICAST_SUBNET: found. find_workgroup_on_subnet: workgroup search for FREAKYYDE on subnet 10.8.0.1: found. announce_myself_to_domain_master_browser: t (1241916579) - last(1241916549) 900 dump_workgroups() dump workgroup on subnet10.8.0.1: netmask= 255.255.255.0: FREAKYYDE(1) current master browser = MASTER MASTER 408c9a03 (master server) dump_workgroups() dump workgroup on subnet UNICAST_SUBNET: netmask= 10.8.0.1: FREAKYYDE(1) current master browser = UNKNOWN MASTER 40899a03 (master server) find_workgroup_on_subnet: workgroup search for FREAKYYDE on subnet UNICAST_SUBNET: found. find_workgroup_on_subnet: workgroup search for FREAKYYDE on subnet UNICAST_SUBNET: found. I don't know what else to try. Uwe Pfeifer schrieb: Hi all. I have a problem. I'm trying to let samba run as WINS server and as domain master. But if I run nmbd in debug mode it says: dump workgroup on subnet UNICAST_SUBNET: netmask= 10.8.0.1: FREAKYYDE(1) current master browser = UNKNOWN MASTER 40899a03 (master server) the servers hostname is master. i've tried to explicitly set it in the config but it doesnt help. Can anybody help me? :) Thank you! :) Uwe Pfeifer -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] group mapping question
Peter Ulrich Kruppa wrote: Am Samstag, den 09.05.2009, 13:00 -0700 schrieb MargoAndTodd: Miguel Medalha wrote: net groupmap add ntgroup=Domain Admins unixgroup=domadm rid=512 type=d Question 1: if my previous /etc/group names already match the ntgroup names, do I still need to run the above command? Yes. Okay, Now I am really confused. I have three users in my PDC that exist no where else. In /etc/groups they are assigned to users (100). My smb.conf restricts users to group users. These three users are able to use my shares. Sorry, perhaps my answer wasn't clear enough: Sambas user/group database is completely seperate from your unix user/group system. So all samba groups have to be mapped to unix groups. You have to check your system of permissions carefully, since samba can't allow things that are forbidden to unix users. Greetings, Uli. Hi Uli, Is this a difference between workgroup samba and pdc SAMBA? I have a workgroup Samba customer with about 15 /etc/groups controlling who sees what. Works perfectly. Confused, -T -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-1520-g5c76472
The branch, master has been updated via 5c76472491b813350d01a6398687af0e52fda819 (commit) from 6c935f95b3d4aaf0922c5a7baf59c1e8224c019a (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5c76472491b813350d01a6398687af0e52fda819 Author: Stefan Metzmacher me...@samba.org Date: Fri May 8 18:40:35 2009 +0200 s3:libsmb: fix layering of cli_ntrename_internal and its callers It's easier to have cli_ntrename_internal as a semetric async tevent_req function. cli_ntrename() and cli_nt_hardlink() should be callers on top of cli_ntrename_internal(). metze --- Summary of changes: source3/libsmb/clifile.c | 64 +- 1 files changed, 35 insertions(+), 29 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c index cd9f486..fdfa257 100644 --- a/source3/libsmb/clifile.c +++ b/source3/libsmb/clifile.c @@ -552,13 +552,13 @@ NTSTATUS cli_rename(struct cli_state *cli, const char *fname_src, const char *fn NT Rename a file. / -static void cli_ntrename_done(struct tevent_req *subreq); +static void cli_ntrename_internal_done(struct tevent_req *subreq); -struct cli_ntrename_state { +struct cli_ntrename_internal_state { uint16_t vwv[4]; }; -static struct tevent_req *cli_ntrename_send_internal(TALLOC_CTX *mem_ctx, +static struct tevent_req *cli_ntrename_internal_send(TALLOC_CTX *mem_ctx, struct event_context *ev, struct cli_state *cli, const char *fname_src, @@ -566,11 +566,12 @@ static struct tevent_req *cli_ntrename_send_internal(TALLOC_CTX *mem_ctx, uint16_t rename_flag) { struct tevent_req *req = NULL, *subreq = NULL; - struct cli_ntrename_state *state = NULL; + struct cli_ntrename_internal_state *state = NULL; uint8_t additional_flags = 0; uint8_t *bytes = NULL; - req = tevent_req_create(mem_ctx, state, struct cli_ntrename_state); + req = tevent_req_create(mem_ctx, state, + struct cli_ntrename_internal_state); if (req == NULL) { return NULL; } @@ -607,25 +608,11 @@ static struct tevent_req *cli_ntrename_send_internal(TALLOC_CTX *mem_ctx, if (tevent_req_nomem(subreq, req)) { return tevent_req_post(req, ev); } - tevent_req_set_callback(subreq, cli_ntrename_done, req); + tevent_req_set_callback(subreq, cli_ntrename_internal_done, req); return req; } -struct tevent_req *cli_ntrename_send(TALLOC_CTX *mem_ctx, - struct event_context *ev, - struct cli_state *cli, - const char *fname_src, - const char *fname_dst) -{ - return cli_ntrename_send_internal(mem_ctx, - ev, - cli, - fname_src, - fname_dst, - RENAME_FLAG_RENAME); -} - -static void cli_ntrename_done(struct tevent_req *subreq) +static void cli_ntrename_internal_done(struct tevent_req *subreq) { struct tevent_req *req = tevent_req_callback_data( subreq, struct tevent_req); @@ -640,11 +627,30 @@ static void cli_ntrename_done(struct tevent_req *subreq) tevent_req_done(req); } -NTSTATUS cli_ntrename_recv(struct tevent_req *req) +static NTSTATUS cli_ntrename_internal_recv(struct tevent_req *req) { return tevent_req_simple_recv_ntstatus(req); } +struct tevent_req *cli_ntrename_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, + struct cli_state *cli, + const char *fname_src, + const char *fname_dst) +{ + return cli_ntrename_internal_send(mem_ctx, + ev, + cli, + fname_src, + fname_dst, + RENAME_FLAG_RENAME); +} + +NTSTATUS cli_ntrename_recv(struct tevent_req *req) +{ + return cli_ntrename_internal_recv(req); +} + NTSTATUS cli_ntrename(struct cli_state *cli, const char *fname_src, const char *fname_dst) { TALLOC_CTX *frame = talloc_stackframe(); @@ -697,17 +703,17 @@ struct tevent_req *cli_nt_hardlink_send(TALLOC_CTX *mem_ctx, const char
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-1522-gefbc431
The branch, master has been updated via efbc4315d22f5b2c255c723dd1a180c300b8 (commit) via c291a55a352a8ee09e9e6ac118e3b0c31a9905e8 (commit) from 5c76472491b813350d01a6398687af0e52fda819 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit efbc4315d22f5b2c255c723dd1a180c300b8 Author: Volker Lendecke v...@samba.org Date: Sat May 9 13:46:08 2009 +0200 Fix the mangle1 test commit c291a55a352a8ee09e9e6ac118e3b0c31a9905e8 Author: Volker Lendecke v...@samba.org Date: Sat May 9 11:12:52 2009 +0200 Do not call SMB_VFS_GET_REAL_FILENAME if the name is mangled The GPFS get_real_file name does not know about mangled names. Tim, if onefs does not either, you need this bugfix :-) In case onefs does 8.3 names, we need to pass the mangled flag down to SMB_VFS_GET_REAL_FILENAME to give GPFS a chance say ENOTSUPP and do the fallback. --- Summary of changes: source3/smbd/filename.c | 17 +++-- source3/torture/torture.c |2 +- 2 files changed, 12 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index 774ab27..0d5529b 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -791,16 +791,14 @@ static bool fname_equal(const char *name1, const char *name2, static int get_real_filename_full_scan(connection_struct *conn, const char *path, const char *name, + bool mangled, TALLOC_CTX *mem_ctx, char **found_name) { struct smb_Dir *cur_dir; const char *dname; - bool mangled; char *unmangled_name = NULL; long curpos; - mangled = mangle_is_mangled(name, conn-params); - /* handle null paths */ if ((path == NULL) || (*path == 0)) { path = .; @@ -897,6 +895,14 @@ int get_real_filename(connection_struct *conn, const char *path, char **found_name) { int ret; + bool mangled; + + mangled = mangle_is_mangled(name, conn-params); + + if (mangled) { + return get_real_filename_full_scan(conn, path, name, mangled, + mem_ctx, found_name); + } /* Try the vfs first to take advantage of case-insensitive stat. */ ret = SMB_VFS_GET_REAL_FILENAME(conn, path, name, mem_ctx, found_name); @@ -910,9 +916,8 @@ int get_real_filename(connection_struct *conn, const char *path, return ret; } - ret = get_real_filename_full_scan(conn, path, name, mem_ctx, - found_name); - return ret; + return get_real_filename_full_scan(conn, path, name, mangled, mem_ctx, + found_name); } static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx, diff --git a/source3/torture/torture.c b/source3/torture/torture.c index 1d46346..53a39c6 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -5065,7 +5065,7 @@ static bool run_mangle1(int dummy) cli_sockopt(cli, sockops); - if (NT_STATUS_IS_OK(cli_ntcreate( + if (!NT_STATUS_IS_OK(cli_ntcreate( cli, fname, 0, GENERIC_ALL_ACCESS|DELETE_ACCESS, FILE_ATTRIBUTE_NORMAL, 0, FILE_OVERWRITE_IF, 0, 0, fnum))) { d_printf(open %s failed: %s\n, fname, cli_errstr(cli)); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-4-test updated - release-4-0-0alpha7-928-g97c6682
The branch, v3-4-test has been updated via 97c668276d24743065f16dccaf29704b6f3857f4 (commit) from b6c86e1ef28d9008eec1d39ad714a475dc735c38 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test - Log - commit 97c668276d24743065f16dccaf29704b6f3857f4 Author: Volker Lendecke v...@samba.org Date: Sat May 9 11:12:52 2009 +0200 Do not call SMB_VFS_GET_REAL_FILENAME if the name is mangled The GPFS get_real_file name does not know about mangled names. Tim, if onefs does not either, you need this bugfix :-) In case onefs does 8.3 names, we need to pass the mangled flag down to SMB_VFS_GET_REAL_FILENAME to give GPFS a chance say ENOTSUPP and do the fallback. --- Summary of changes: source3/smbd/filename.c | 17 +++-- 1 files changed, 11 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index 774ab27..0d5529b 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -791,16 +791,14 @@ static bool fname_equal(const char *name1, const char *name2, static int get_real_filename_full_scan(connection_struct *conn, const char *path, const char *name, + bool mangled, TALLOC_CTX *mem_ctx, char **found_name) { struct smb_Dir *cur_dir; const char *dname; - bool mangled; char *unmangled_name = NULL; long curpos; - mangled = mangle_is_mangled(name, conn-params); - /* handle null paths */ if ((path == NULL) || (*path == 0)) { path = .; @@ -897,6 +895,14 @@ int get_real_filename(connection_struct *conn, const char *path, char **found_name) { int ret; + bool mangled; + + mangled = mangle_is_mangled(name, conn-params); + + if (mangled) { + return get_real_filename_full_scan(conn, path, name, mangled, + mem_ctx, found_name); + } /* Try the vfs first to take advantage of case-insensitive stat. */ ret = SMB_VFS_GET_REAL_FILENAME(conn, path, name, mem_ctx, found_name); @@ -910,9 +916,8 @@ int get_real_filename(connection_struct *conn, const char *path, return ret; } - ret = get_real_filename_full_scan(conn, path, name, mem_ctx, - found_name); - return ret; + return get_real_filename_full_scan(conn, path, name, mangled, mem_ctx, + found_name); } static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-1523-gefa9bc9
The branch, master has been updated via efa9bc9dc690e77ef623e7337b34b14d13912101 (commit) from efbc4315d22f5b2c255c723dd1a180c300b8 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit efa9bc9dc690e77ef623e7337b34b14d13912101 Author: Simo Sorce i...@samba.org Date: Sat May 9 11:26:14 2009 -0400 Pass also sername to check password script --- Summary of changes: source3/smbd/chgpasswd.c | 16 1 files changed, 12 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index dd1864e..2eb09d1 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -1085,6 +1085,7 @@ NTSTATUS change_oem_password(struct samu *hnd, char *old_passwd, char *new_passw { uint32 min_len; uint32 refuse; + TALLOC_CTX *tosctx = talloc_tos(); struct passwd *pass = NULL; const char *username = pdb_get_username(hnd); time_t can_change_time = pdb_get_pass_can_change_time(hnd); @@ -1122,7 +1123,7 @@ NTSTATUS change_oem_password(struct samu *hnd, char *old_passwd, char *new_passw if ((can_change_time != 0) (time(NULL) can_change_time)) { DEBUG(1, (user %s cannot change password now, must wait until %s\n, username, - http_timestring(talloc_tos(), can_change_time))); + http_timestring(tosctx, can_change_time))); if (samr_reject_reason) { *samr_reject_reason = SAMR_REJECT_OTHER; } @@ -1147,7 +1148,7 @@ NTSTATUS change_oem_password(struct samu *hnd, char *old_passwd, char *new_passw return NT_STATUS_PASSWORD_RESTRICTION; } - pass = Get_Pwnam_alloc(talloc_tos(), username); + pass = Get_Pwnam_alloc(tosctx, username); if (!pass) { DEBUG(1, (change_oem_password: Username %s does not exist in system !?!\n, username)); return NT_STATUS_ACCESS_DENIED; @@ -1156,9 +1157,16 @@ NTSTATUS change_oem_password(struct samu *hnd, char *old_passwd, char *new_passw /* Use external script to check password complexity */ if (lp_check_password_script() *(lp_check_password_script())) { int check_ret; + char *cmd; - check_ret = smbrunsecret(lp_check_password_script(), new_passwd); - DEBUG(5, (change_oem_password: check password script (%s) returned [%d]\n, lp_check_password_script(), check_ret)); + cmd = talloc_string_sub(tosctx, lp_check_password_script(), %u, username); + if (!cmd) { + return NT_STATUS_PASSWORD_RESTRICTION; + } + + check_ret = smbrunsecret(cmd, new_passwd); + DEBUG(5, (change_oem_password: check password script (%s) returned [%d]\n, cmd, check_ret)); + TALLOC_FREE(cmd); if (check_ret != 0) { DEBUG(1, (change_oem_password: check password script said new password is not good enough!\n)); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-1525-g46dea8c
The branch, master has been updated via 46dea8c24750b98ca589777904cc05e4e3e92d71 (commit) via af2189cfeda936a91eda7313c029272bbfd8811f (commit) from efa9bc9dc690e77ef623e7337b34b14d13912101 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 46dea8c24750b98ca589777904cc05e4e3e92d71 Author: Volker Lendecke v...@samba.org Date: Sat May 9 21:12:33 2009 +0200 wb_int_trans - wb_simple_trans in wbclient.c commit af2189cfeda936a91eda7313c029272bbfd8811f Author: Volker Lendecke v...@samba.org Date: Sat May 9 21:01:09 2009 +0200 Add wb_simple_trans_send/recv --- Summary of changes: source3/include/wbc_async.h |7 ++ source3/lib/wb_reqtrans.c | 131 - source3/lib/wbclient.c | 172 ++- 3 files changed, 161 insertions(+), 149 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/wbc_async.h b/source3/include/wbc_async.h index 57b0cb8..57625d5 100644 --- a/source3/include/wbc_async.h +++ b/source3/include/wbc_async.h @@ -61,4 +61,11 @@ struct tevent_req *wb_resp_write_send(TALLOC_CTX *mem_ctx, struct winbindd_response *wb_resp); ssize_t wb_resp_write_recv(struct tevent_req *req, int *err); +struct tevent_req *wb_simple_trans_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct tevent_queue *queue, int fd, + struct winbindd_request *wb_req); +int wb_simple_trans_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx, +struct winbindd_response **presponse, int *err); + #endif /*_WBC_ASYNC_H_*/ diff --git a/source3/lib/wb_reqtrans.c b/source3/lib/wb_reqtrans.c index d7ec17b..c11561f 100644 --- a/source3/lib/wb_reqtrans.c +++ b/source3/lib/wb_reqtrans.c @@ -169,7 +169,14 @@ static void wb_req_write_done(struct tevent_req *subreq) int err; state-ret = writev_recv(subreq, err); - TALLOC_FREE(subreq); + /* +* We do not TALLOC_FREE(subreq) here, as this would trigger the next +* write of a client. The winbind protocol is purely request/response +* without multiplex ID's, so having multiple requeusts on the fly +* would confuse sequencing. +* +* Eventually the writev_req will be freed, subreq a child of req +*/ if (state-ret 0) { tevent_req_error(req, err); return; @@ -337,3 +344,125 @@ ssize_t wb_resp_write_recv(struct tevent_req *req, int *err) } return state-ret; } + +static bool closed_fd(int fd) +{ + struct timeval tv; + fd_set r_fds; + + if (fd == -1) { + return true; + } + + FD_ZERO(r_fds); + FD_SET(fd, r_fds); + ZERO_STRUCT(tv); + + if ((select(fd+1, r_fds, NULL, NULL, tv) == -1) + || FD_ISSET(fd, r_fds)) { + return true; + } + + return false; +} + +struct wb_simple_trans_state { + struct tevent_context *ev; + int fd; + struct winbindd_response *wb_resp; +}; + +static void wb_simple_trans_write_done(struct tevent_req *subreq); +static void wb_simple_trans_read_done(struct tevent_req *subreq); + +struct tevent_req *wb_simple_trans_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct tevent_queue *queue, int fd, + struct winbindd_request *wb_req) +{ + struct tevent_req *req, *subreq; + struct wb_simple_trans_state *state; + + req = tevent_req_create(mem_ctx, state, struct wb_simple_trans_state); + if (req == NULL) { + return NULL; + } + + if (closed_fd(fd)) { + tevent_req_error(req, EPIPE); + return tevent_req_post(req, ev); + } + + wb_req-length = sizeof(struct winbindd_request); + + state-ev = ev; + state-fd = fd; + + subreq = wb_req_write_send(state, ev, queue, fd, wb_req); + if (tevent_req_nomem(subreq, req)) { + return tevent_req_post(req, ev); + } + tevent_req_set_callback(subreq, wb_simple_trans_write_done, req); + + return req; +} + +static void wb_simple_trans_write_done(struct tevent_req *subreq) +{ + struct tevent_req *req = tevent_req_callback_data( + subreq, struct tevent_req); + struct wb_simple_trans_state *state = tevent_req_data( + req, struct wb_simple_trans_state); + ssize_t ret; + int err; + + ret = wb_req_write_recv(subreq, err); + /* +* We do not TALLOC_FREE(subreq) here, as this would trigger the next +*
Build status as of Sun May 10 00:00:03 2009
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2009-05-09 00:00:26.0 + +++ /home/build/master/cache/broken_results.txt 2009-05-10 00:00:46.0 + @@ -0,0 +1,22 @@ +Build status as of Sun May 10 00:00:03 2009 + +Build counts: +Tree Total Broken Panic +build_farm 0 0 0 +ccache 31 6 0 +distcc 0 0 0 +ldb 32 32 0 +libreplace 32 11 0 +lorikeet 0 0 0 +pidl 21 3 0 +ppp 15 0 0 +rsync32 11 0 +samba-docs 0 0 0 +samba-web0 0 0 +samba_3_current 30 17 0 +samba_3_master 31 30 1 +samba_3_next 31 30 1 +samba_4_0_test 32 31 2 +talloc 30 32 0 +tdb 29 11 0 +
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-1526-g831b73e
The branch, master has been updated via 831b73ec82717c3c73ea1250f9c94228d251c1ec (commit) from 46dea8c24750b98ca589777904cc05e4e3e92d71 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 831b73ec82717c3c73ea1250f9c94228d251c1ec Author: Volker Lendecke v...@samba.org Date: Sun May 10 07:42:55 2009 +0200 Fix an unitialized variable warning --- Summary of changes: libcli/named_pipe_auth/npa_tstream.c |3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/libcli/named_pipe_auth/npa_tstream.c b/libcli/named_pipe_auth/npa_tstream.c index 57e8418..fdb55c7 100644 --- a/libcli/named_pipe_auth/npa_tstream.c +++ b/libcli/named_pipe_auth/npa_tstream.c @@ -458,6 +458,9 @@ static ssize_t tstream_npa_pending_bytes(struct tstream_context *stream) case FILE_TYPE_MESSAGE_MODE_PIPE: ret = npas-pending.iov_len; break; + + default: + ret = -1; } return ret; -- Samba Shared Repository